Author Topic: BitShares XT - Security against Market Manipulation FIND ATTACKS FOR TIPS  (Read 52289 times)

0 Members and 1 Guest are viewing this topic.

Offline bitcoinba

  • Full Member
  • ***
  • Posts: 193
    • View Profile




 

I am sorry for bring ups an old subjest but I just got around to read this. In order to short there must be inventory to borrow. Typically this inventory is held by institutions in the traditional market sense and lend this inventory to short sellers on margin. How are you accounting for inventory since there are no "institutions" holding  inventory/float?  Are you going to allow users the ability to lend out there own shares in a public pool? Are you going to show the amount of short inventory or rather the amount allowed to be borrowed to short? 

maybe you have this in a paper?
 
[/quote]


I think part of the answer is here: https://bitsharestalk.org/index.php?topic=4573.15

Offline jbutta2k13

  • Full Member
  • ***
  • Posts: 51
    • View Profile
Over the past week many people have identified certain attacks that we must guard against in the initial chain.   The theory behind BitShares XT works very well in a large established network, but early on in the life of a network things break down due to low market depth.    A few simple attacks have come to my attention that must be resolved and I will be posting them each in their own thread.  I would like to use this thread to discuss potential attacks and if an attack warrants in depth discussion I will spawn a new thread to discuss it.

I am not going to place a specific bounty price for finding attacks, lets just say that if you bring something to my attention that makes me realize something new that I will tip very generously up to hundreds of PTS.

This thread is motivated by the discovery of two attacks for which I have found solutions which will impact BitShares XTs rules:

Attack 1)  The SIDS Attack   (Sudden Instant Derivative Sack)

In this attack any user who is around when the blockchain is first launched can issue themselves $1 billion BitUSD as a long position with a short position of $1 billion BitUSD backed by 1 BTS.   It doesn't matter what the future consensus is, the short position will be blown out in a massive way and leave billions of BitUSD laying around with no backing. 

The solution to the SIDS Attack is two fold: 

   a) no market trading will be allowed for the first N days to allow enough people time to enter bids and asks that arrive at market consensus.
   b) no market trading will be allowed anytime either side of the order book has a depth below D% of the share supply.

This rule effectively states that for blockchain based trading to occur in an automated way there must be a quorum of shareholders agreeing on the price.  This does not prevent private parties from transferring BitUSD or BTS to other users or arranging manual trades.  It simply prevents any manipulation of the price that could result in margin calls at unrealistic prices.

The values for N and D are subject to debate, but my gut feeling is that N should be 14 days and D should be 5%

Attack 2)  The SlingShot Attack  (Other names welcome)

   In this attack, the attacker will place a large short order close to 2x above the current ask.  Under normal conditions this order would never be filled.   Then the attacker starts buying to push the price up until he triggers a short squeeze.   The short squeeze starts a chain reaction that pushes the price clear up into the attackers short position.  Then the price falls back to where it should and the attacker covers their position with a 50% gain.  Whether this attack is profitable or not depends upon how big of a short squeeze the attacker can trigger and how little is required to kick off the squeeze.   

I have been thinking long and hard about the SlingShot Attack and have concluded that the only solution is to increase margin requirements.  As it exists today, if someone wants to short 1 BitUSD the most they risk is 1 BitUSD.   On a traditional exchange, if you want to short something your potential losses are infinite because if you run out of margin then they can come after your savings, your house, and your future income.    The SlingShot Attack is much harder if the margin requirements make the probability of a short squeeze much lower.   

Lets assume a very conservative amount of margin, 10x.   To perform the SlingShot attack would require pushing the price up 9x and would reduce the attackers gain from a maximum of 50% to a maximum of 5%.    If you then combine this increase in margin requirements with the automatic market freeze anytime the depth fell below the required threshold and you will be unlikely to walk the book enough to trigger a short squeeze without suspending trading.

   What is the impact of requiring a larger margin for short positions?  People will still go short, but the amount of leverage they can apply will be reduced significantly.  BitUSD will still be created and thus will still trade.  Instead of the marketcap of BTS being 2x the value of the trading BitAssets it would now be at least 10x the value of the BitAssets traded.    Thus increasing margin requirements should only limit the ability to go short and have little influence on the price people are willing to go short.  Shorts will feel much more secure knowing that other shorts are less likely to end up in a squeeze which will balance out with the added risk of losing up to 10x the amount you shorted.   

    Based upon these two attacks and the need for significant market depth before the chain can be 'secure' I am starting to conclude that market depth is more important than transaction volume in limiting the number of BitAssets per chain.   For this reason I am thinking that the BitShares XT network should have only 2 BitAssets (Gold and Bitcoin).   We want to focus the trading efforts and market depth on two assets rather than spreading the network thin.   Once we understand the security implications future chains are likely to start with a larger user base, deeper markets, higher initial valuation, and thus able to support more assets securely.

    Please let me know of any other attack ideas you can come up with and what your thoughts are on these rule refinements?



 

I am sorry for bring ups an old subjest but I just got around to read this. In order to short there must be inventory to borrow. Typically this inventory is held by institutions in the traditional market sense and lend this inventory to short sellers on margin. How are you accounting for inventory since there are no "institutions" holding  inventory/float?  Are you going to allow users the ability to lend out there own shares in a public pool? Are you going to show the amount of short inventory or rather the amount allowed to be borrowed to short? 

maybe you have this in a paper?
 

Offline tonyk

  • Hero Member
  • *****
  • Posts: 3308
    • View Profile
Thanks for the tip!

Dan, now that you have given me a tip after I specifically refused it, here is in return, my decision to my non-attack.
Actually I have posted the main ingredients in a post long time ago. As I said it is ugly decision but the benefit is it prevents decoupling of  bitUSD (and other assets).
https://bitsharestalk.org/index.php?topic=3130.msg44854#msg44854
For this scenario I actually suggest variant 3 (‘c.’ in the original post) of my early suggestion: close the position with the position of the longs that opened with prices closest to the price the short ( that is being force closed/covered) was opened. This way the longs will know that if the price goes up 2 times there is great chance their position (or part of it) will be force-closed, so they can take appropriate action.
Consider the above if you think it worth the ‘price’ of such rule in order to prevent asset decoupling, or do not… it is up to you now.
Lack of arbitrage is the problem, isn't it. And this 'should' solves it.

Offline Stan

  • Hero Member
  • *****
  • Posts: 2908
  • You need to think BIGGER, Pinky...
    • View Profile
    • Cryptonomex
  • BitShares: Stan
Send the tip to Agent86 than.

Thanks for the support tony, I'm with you in that I'm not worried about tips as much as I care about the success of bitshares.

I only have my BTC address at the moment 12iiqzhxn35EQbPDPt8ssLuJx3QtogNqLJ.  If it takes time out of your day to tip me BM, there's no need.

Agent86... thank you for your support and consideration of my time.   I'll have Stan tip you for the effort and if you want it re-invested in the project you can give back via AGS.

Tip for Tonyk:

Status: 0/unconfirmed, broadcast through 6 nodes
Date: 5/19/14 11:23
To: Tonyk - PgjNdTXCQQV97eBd5vaCHiqUtAvFF9B4xK PgjNdTXCQQV97eBd5vaCHiqUtAvFF9B4xK
Debit: -30.00 PTS
Net amount: -30.00 PTS
Transaction ID: 2bebec196ddceb4529ca1afd5e823953ccfbcfada8d86cef3ee392f1b05ee2a5

Tip for Agent86 will go out as soon as my @#%*~! BTC wallet completes its 36-hour rebuild cycle tomorrow.

Thanks!

Anything said on these forums does not constitute an intent to create a legal obligation or contract of any kind.   These are merely my opinions which I reserve the right to change at any time.

Offline bytemaster

Send the tip to Agent86 than.

Thanks for the support tony, I'm with you in that I'm not worried about tips as much as I care about the success of bitshares.

I only have my BTC address at the moment 12iiqzhxn35EQbPDPt8ssLuJx3QtogNqLJ.  If it takes time out of your day to tip me BM, there's no need.

Agent86... thank you for your support and consideration of my time.   I'll have Stan tip you for the effort and if you want it re-invested in the project you can give back via AGS.
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline tonyk

  • Hero Member
  • *****
  • Posts: 3308
    • View Profile
Day one...I have not received my PM neither  I have seen the tip to Agent86… well may by Dan is busy with BTS X (heard something about major update?!?)… will have to wait then…

Day 3 - May 18, 2014, 02:12:56 AM
The public books still show no tip sent to important contributor to this topic – i.e. AGENT86 !!!


Lack of arbitrage is the problem, isn't it. And this 'should' solves it.

Offline luckybit

  • Hero Member
  • *****
  • Posts: 2921
    • View Profile
  • BitShares: Luckybit
Magical airdrop/marketing secret idea of yours...
I am fine by you sending the tip to Agent86 if the idea is top secret though...which ever works for you better.

I'll leave the discussion of magical airdrop marketing ideas to the Beyond Bitcoin saturday morning chats OFF THE RECORD until we finalize on the best approach.

If you get a chance can you pm me with some highlights from the discussion? Maybe I can add some ideas in private which could improve on whatever the Bitshares team is contemplating.

From what I'm seeing the technology is passing the tests so if we can get the marketing right we all win.
https://metaexchange.info | Bitcoin<->Altcoin exchange | Instant | Safe | Low spreads

Offline tonyk

  • Hero Member
  • *****
  • Posts: 3308
    • View Profile
I only have my BTC address at the moment 12iiqzhxn*****?
If you do not have access at the moment, post it when you go home or where ever you have it. It would be pretty weird if do not have PTS account at all though...
Lack of arbitrage is the problem, isn't it. And this 'should' solves it.

Offline Agent86

  • Sr. Member
  • ****
  • Posts: 471
  • BTSX: agent86
    • View Profile
Send the tip to Agent86 than.

Thanks for the support tony, I'm with you in that I'm not worried about tips as much as I care about the success of bitshares.

I only have my BTC address at the moment 12iiqzhxn35EQbPDPt8ssLuJx3QtogNqLJ.  If it takes time out of your day to tip me BM, there's no need.

Offline tonyk

  • Hero Member
  • *****
  • Posts: 3308
    • View Profile
Lack of arbitrage is the problem, isn't it. And this 'should' solves it.

Offline bytemaster

Magical airdrop/marketing secret idea of yours...
I am fine by you sending the tip to Agent86 if the idea is top secret though...which ever works for you better.

I'll leave the discussion of magical airdrop marketing ideas to the Beyond Bitcoin saturday morning chats OFF THE RECORD until we finalize on the best approach.

For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline tonyk

  • Hero Member
  • *****
  • Posts: 3308
    • View Profile
Magical airdrop/marketing secret idea of yours...
I am fine by you sending the tip to Agent86 if the idea is top secret though...which ever works for you better.
« Last Edit: May 15, 2014, 01:34:50 pm by tonyk »
Lack of arbitrage is the problem, isn't it. And this 'should' solves it.

Offline bytemaster

What was I supposed to pm u about?


Sent from my iPhone using Tapatalk
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline tonyk

  • Hero Member
  • *****
  • Posts: 3308
    • View Profile
Day one...I have not received my PM neither  I have seen the tip to Agent86… well may by Dan is busy with BTS X (heard something about major update?!?)… will have to wait then…
Lack of arbitrage is the problem, isn't it. And this 'should' solves it.